package cc.laop.controler;

import cc.laop.entity.ContentEntity;
import cc.laop.service.ContentService;
import cc.laop.support.filter.RequestLimit;
import org.apache.commons.collections.map.HashedMap;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Map;

/**
 * Created by Pengpeng on 2017/5/17.
 */
@Controller
@RequestMapping("/")
public class ContentController {

    private static final String SESSION_PWDKEY = "note_key";

    @Autowired
    private ContentService contentService;

    private HttpServletRequest request;

    private HttpServletResponse response;

    @ModelAttribute
    public void init(HttpServletRequest request, HttpServletResponse response) {
        this.request = request;
        this.response = response;
    }


    @RequestMapping(method = RequestMethod.GET)
    public ModelAndView createNote() {
        ModelAndView mv = new ModelAndView();
        ContentEntity content = contentService.add();
        mv.setViewName("redirect:" + content.getKey());
        return mv;
    }


    @RequestMapping(value = "{key}")
    @RequestLimit(ipLimit = 5, ipTime = 2000)
    public ModelAndView getnote(@PathVariable String key, String p) {
        ModelAndView mv = new ModelAndView();
        ContentEntity content = contentService.get(key);
        if (content == null) {
            // 不存在
            content = contentService.add();
        } else {
            if (!BooleanUtils.isNotTrue(content.getProtected())) {
                // 有密码保护
                if (!auth(key, p)) {
                    mv.setViewName("pwd");
                    mv.addObject("result", "-1");
                    return mv;
                }
            }
        }
        mv.addObject("result", "0");
        mv.addObject("content", content);
        mv.setViewName("content");
        return mv;
    }

    @RequestMapping(value = "s/{key}", method = RequestMethod.POST)
    @ResponseBody
    public Map<String, Object> update(@PathVariable String key, ContentEntity content) {
        Map<String, Object> map = new HashedMap();
        if (auth(key, null)) {
            content.setKey(key);
            contentService.update(content);
        } else {
            map.put("result", "-1");
        }
        return map;
    }


    @RequestMapping(value = "p/{key}", method = RequestMethod.POST)
    @ResponseBody
    public Map<String, Object> changePwd(@PathVariable String key, String p) {
        Map<String, Object> map = new HashedMap();
        ContentEntity content = contentService.get(key);
        if (content != null && auth(key, null)) {
            content.setProtected(true);
            content.setPassword(p);
            contentService.update(content);
            request.getSession().setAttribute(SESSION_PWDKEY, p);
        } else {
            map.put("result", "-1");
        }
        return map;
    }


    private boolean auth(String key, String p) {
        ContentEntity content = contentService.get(key);
        if (content != null && StringUtils.isNotEmpty(content.getPassword())) {
            if (StringUtils.isEmpty(p)) {
                p = (String) request.getSession().getAttribute(SESSION_PWDKEY);
            }
            if (content.getPassword().equals(p)) {
                request.getSession().setAttribute(SESSION_PWDKEY, p);
                return true;
            } else {
                return false;
            }
        }
        return true;
    }


}
